Ecosyste.ms: Packages
An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.
github actions "security" keyword
Top 8.5% on github actions
44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
accurics/accurics-action v2.0.3
The Accurics GitHub Action scans IaC (Infrastructure as Code) to help identify vulnerabilities pr...44 versions - Latest release: over 1 year ago - 3 dependent repositories - 12 stars on GitHub
Top 0.9% on github actions
4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rs/audit-check v1.2.0 removed 💰
Run cargo audit and check for security advisories4 versions - Latest release: about 4 years ago - 2,306 dependent repositories - 157 stars on GitHub
actions-rust-lang/audit v1.1.14
Audit Rust dependencies with cargo audit and the RustSec Advisory DB21 versions - Latest release: 3 months ago - 26 dependent repositories - 5 stars on GitHub
adanalvarez/openai-security-review v0.2.0
A GitHub Action that reviews the modified files and comments with security recommendations4 versions - Latest release: over 1 year ago - 3 stars on GitHub
Top 9.4% on github actions
7 versions - Latest release: 4 months ago - 2 dependent repositories - 18 stars on GitHub
advanced-security/codeql-bundle-action v2.0.1
Action to build custom CodeQL bundles7 versions - Latest release: 4 months ago - 2 dependent repositories - 18 stars on GitHub
albuch/sbt-dependency-check-action v1.0
Github action to execute sbt-dependency-check as part of a github workflow1 version - Latest release: about 3 years ago - 3 dependent repositories - 1 stars on GitHub
alcideio/advisor-action v1.1.2
Security Scan Kubernetes Cluster11 versions - Latest release: about 4 years ago - 1 dependent repositories - 13 stars on GitHub
alessiodionisi/setup-age-action v1.3.0 💰
Setup age and add it to the PATH5 versions - Latest release: 3 months ago - 1 dependent repositories - 7 stars on GitHub
Top 5.5% on github actions
2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
andrewmcodes/bundler-audit-action v0.1.0 💰
GitHub Action for running bundler-audit2 versions - Latest release: almost 4 years ago - 19 dependent repositories - 14 stars on GitHub
Top 4.1% on github actions
8 versions - Latest release: about 1 year ago - 114 dependent repositories - 23 stars on GitHub
apisec-inc/apisec-run-scan v1.0.7
Continuous, automated, comprehensive API Security Testing8 versions - Latest release: about 1 year ago - 114 dependent repositories - 23 stars on GitHub
Top 6.2% on github actions
9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
apisec-inc/ethicalcheck-action v1.0.6 removed
Free & Instant API Penetration Testing Service9 versions - Latest release: over 1 year ago - 33 dependent repositories - 28 stars on GitHub
Aptori-dev/sift-action v1.0.1
Find business logic and security bugs in your application with Aptori Autonomous API Security Tes...3 versions - Latest release: 9 months ago - 6 stars on GitHub
Top 6.5% on github actions
8 versions - Latest release: 8 months ago - 4 dependent repositories - 50 stars on GitHub
aquasecurity/tracee-action v0.4.0-stop
Protect your GitHub Actions pipelines with eBPF profiling8 versions - Latest release: 8 months ago - 4 dependent repositories - 50 stars on GitHub
Top 0.3% on github actions
58 versions - Latest release: about 2 months ago - 3,327 dependent repositories - 578 stars on GitHub
aquasecurity/trivy-action 0.19.0
Scans container images for vulnerabilities with Trivy58 versions - Latest release: about 2 months ago - 3,327 dependent repositories - 578 stars on GitHub
artplan1/brakeman-action v1.2.1
GitHub Action to run Brakeman static analysis which checks Ruby on Rails applications for securit...4 versions - Latest release: about 4 years ago - 23 dependent repositories - 2 stars on GitHub
aufdenpunkt/python-safety-check v1.0.5
Helps to find known security vulnerabilities in your python application6 versions - Latest release: almost 3 years ago - 23 dependent repositories - 2 stars on GitHub
awslabs/aws-lc-verification removed
Check SAW proofs to verify AWS-LC against Cryptol specsLatest release: 7 months ago - 13 stars on GitHub
bashofmann/neuvector-image-scan-action
Scans a container image for vulnerabilities with [NeuVector](https://neuvector.com)Latest release: 28 days ago - 1 stars on GitHub
Top 2.2% on github actions
1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
bridgecrewio/bridgecrew-action v1.2343.0
Find and fix security and compliance issues in infrastructure as code, open source packages, cont...1,100 versions - Latest release: 6 months ago - 114 dependent repositories - 71 stars on GitHub
Top 0.9% on github actions
1,194 versions - Latest release: 3 months ago - 507 dependent repositories - 190 stars on GitHub
bridgecrewio/checkov-action v12.2659.0
Run Checkov against infrastructure as code, open source packages, container images, and CI/CD con...1,194 versions - Latest release: 3 months ago - 507 dependent repositories - 190 stars on GitHub
bugale/bugalint v2.1.0
Convert various linter outputs to standard formats4 versions - Latest release: 8 months ago - 1 dependent repositories - 3 stars on GitHub
carhartl/talisman-secrets-scan-action v1.4.0
Scan an incoming range of commits for accidentally added secrets and sensitive information7 versions - Latest release: about 1 year ago - 8 dependent repositories - 3 stars on GitHub
cfy9/trivy-action v0.0.2
GitHub action to scan docker images for vulnerability issues using trivy.2 versions - Latest release: about 2 years ago - 1 stars on GitHub
chaitin/veinmind-action v1.0.5
Scan images for security issues with veinmind-tools6 versions - Latest release: over 1 year ago - 2 dependent repositories - 8 stars on GitHub
Top 5.2% on github actions
55 versions - Latest release: 28 days ago - 73 dependent repositories - 9 stars on GitHub
checkmarx/ast-github-action 2.0.25
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...55 versions - Latest release: 28 days ago - 73 dependent repositories - 9 stars on GitHub
Top 6.1% on github actions
55 versions - Latest release: 28 days ago - 22 dependent repositories - 9 stars on GitHub
Checkmarx/ast-github-action 2.0.25
Simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx AST...55 versions - Latest release: 28 days ago - 22 dependent repositories - 9 stars on GitHub
Checkmarx/dustilock v1.2.0
DustiLock is a tool to find which of your dependencies is susceptible to Dependency Confusion attack4 versions - Latest release: over 2 years ago - 28 stars on GitHub
Top 7.1% on github actions
7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
checkmarx-ts/checkmarx-github-action v1.0.6
Find vulnerabilities in your code using Checkmarx SAST solution7 versions - Latest release: about 3 years ago - 3 dependent repositories - 24 stars on GitHub
clj-holmes/clj-holmes-action main
Executes clj-holmes security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 48 dependent repositories - 4 stars on GitHub
clj-holmes/clj-watson-action main
Executes clj-watson dependency security scan in clojure/clojurescript projects.1 version - Latest release: over 1 year ago - 15 dependent repositories - 2 stars on GitHub
Top 6.5% on github actions
10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
Contrast-Security-OSS/contrastscan-action v3.0.1
Perform SAST analysis of a project10 versions - Latest release: 4 months ago - 34 dependent repositories - 19 stars on GitHub
Contrast-Security-OSS/integration-verify-github-action v0.6.7
Verify Contrast Application by Job Outcome Policy or Vulnerability Count12 versions - Latest release: 2 months ago - 2 stars on GitHub
CrowdStrike/container-image-scan-action v1.2.0
Scan your container image for vulnerabilities and malware12 versions - Latest release: about 2 months ago - 1 dependent repositories - 11 stars on GitHub
CycodeLabs/cimon-action v0.9.4
Runtime Security Solution for your CI/CD Pipeline26 versions - Latest release: 7 months ago - 1 dependent repositories - 59 stars on GitHub
daltonmenezes/discord-guardian-action v1.1.0 💰
Fetches the list of malicious domains on Discord in different providers and creates/updates a JSO...3 versions - Latest release: about 2 years ago - 1 dependent repositories - 7 stars on GitHub
dentarg/gem-compare v1.3.2 removed 💰
Compare different gem versions9 versions - Latest release: 6 months ago - 4 dependent repositories - 1 stars on GitHub
Top 4.7% on github actions
19 versions - Latest release: 2 months ago - 68 dependent repositories - 35 stars on GitHub
djdefi/gitavscan 19 💰
Anti Virus scan for malicious files in a Git repository19 versions - Latest release: 2 months ago - 68 dependent repositories - 35 stars on GitHub
dlint-py/dlint-action 1.0.0
A tool for encouraging best coding practices and helping ensure we're writing secure Python code.1 version - Latest release: about 4 years ago - 1 dependent repositories - 0 stars on GitHub
Top 8.6% on github actions
3 versions - Latest release: 3 months ago - 1 dependent repositories - 39 stars on GitHub
DopplerHQ/cli-action v3
Install the Doppler CLI into your PATH3 versions - Latest release: 3 months ago - 1 dependent repositories - 39 stars on GitHub
DopplerHQ/secrets-fetch-action v1.2.0
Fetch Doppler secrets for a specific Project and Config6 versions - Latest release: about 2 months ago - 9 stars on GitHub
druidfi/security-checker-action v1
Checks composer.json for known available security updates in your package dependencies1 version - Latest release: about 2 years ago - 1 dependent repositories - 0 stars on GitHub
DVKunion/CollieTrickster v1.1.1
Use Collie to get an free host3 versions - Latest release: about 1 year ago - 38 stars on GitHub
edersonbrilhante/vilicus-github-action v0.0.1
Scans container images for vulnerabilities using Vilicus2 versions - Latest release: about 3 years ago - 1 dependent repositories - 5 stars on GitHub
embold/github-action-docker v0.2
Embold design and code quality scanning engine2 versions - Latest release: over 2 years ago - 1 dependent repositories - 2 stars on GitHub
Top 9.5% on github actions
9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
erzz/dockle-action v1.4.0
Lint & Best Practices for container images with integrations to Github UI9 versions - Latest release: 9 months ago - 88 dependent repositories - 10 stars on GitHub
fabasoad/setup-graudit-action v0.2.3 💰
This action installs graudit CLI tool.8 versions - Latest release: about 1 month ago - 0 stars on GitHub
f-actions/opentype-sanitizer v3.0.0
A GitHub Action for opentype-sanitizer testing of font artifacts8 versions - Latest release: 3 months ago - 1 dependent repositories - 6 stars on GitHub
Top 8.5% on github actions
6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
federacy/scan-action 0.1.5
SAST and Dependency Scanning6 versions - Latest release: about 1 year ago - 7 dependent repositories - 11 stars on GitHub
Top 5.9% on github actions
18 versions - Latest release: 11 months ago - 88 dependent repositories - 24 stars on GitHub
ForAllSecure/mapi-action v2.0.0
Automatically test your REST APIs with your OpenAPI specs and Postman collections18 versions - Latest release: 11 months ago - 88 dependent repositories - 24 stars on GitHub
gabrielrufino/mongodump-action v1.0.2 removed 💰
GitHub Action for creating a binary export of a database's contents5 versions - Latest release: 5 months ago - 1 dependent repositories - 0 stars on GitHub
gacts/gitleaks v1.2.0
Installs and runs GitLeaks in your actions workflow11 versions - Latest release: 6 months ago - 70 dependent repositories - 11 stars on GitHub
gbrls/cabueta v1.1.0
Security Scanning in your CI/CD3 versions - Latest release: over 1 year ago - 3 stars on GitHub
Top 7.2% on github actions
13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
GeekMasher/advanced-security-compliance v1.7.0
ghascompliance13 versions - Latest release: over 1 year ago - 1 dependent repositories - 124 stars on GitHub
georgealton/iam-sarif-report v2.3.2
Generate SARIF from AWS IAM Access Analyzer findings12 versions - Latest release: about 1 month ago - 5 stars on GitHub
geritol/write-guard v0.4.0
Enforce file level write access for monorepos6 versions - Latest release: over 2 years ago - 1 dependent repositories - 8 stars on GitHub
ghr-actions/settings-check v0.1.0
Checks that a GitHub repos settings line up with a specification1 version - Latest release: almost 3 years ago - 1 dependent repositories - 2 stars on GitHub
gioragutt/scan-unverified-actions v1
Scans your Github Actions Workflows for unverified actions1 version - Latest release: over 2 years ago - 1 dependent repositories - 1 stars on GitHub
Top 1.1% on github actions
36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
gitleaks/gitleaks-action v2.3.4 removed
run gitleaks on push and pull-request events36 versions - Latest release: 3 months ago - 211 dependent repositories - 243 stars on GitHub
godaddy/tartufo-action 4.1.0
Runs scan-local-repo with default options9 versions - Latest release: about 1 year ago - 4 dependent repositories - 7 stars on GitHub
Top 0.3% on github actions
33 versions - Latest release: 3 months ago - 4,745 dependent repositories - 778 stars on GitHub
google-github-actions/auth v2.1.2
Authenticate to Google Cloud from GitHub Actions via Workload Identity Federation or service acco...33 versions - Latest release: 3 months ago - 4,745 dependent repositories - 778 stars on GitHub
GorillaStack/github-action-apply-on-merge v0.1.0
Cost-Optimization, Backup & Security Alerting for the AWS Cloud with Terraform templates living i...1 version - Latest release: almost 5 years ago - 15 stars on GitHub
Top 0.6% on github actions
21 versions - Latest release: 19 days ago - 11,383 dependent repositories - 253 stars on GitHub
gradle/wrapper-validation-action v3.3.2 removed
Validates Gradle Wrapper JAR Files21 versions - Latest release: 19 days ago - 11,383 dependent repositories - 253 stars on GitHub
GrantBirki/auditor-action v4.2.0
The Auditor26 versions - Latest release: 29 days ago - 2 stars on GitHub
GrantBirki/auditor-action-core v3.0.1 removed
The Auditor Action's Core21 versions - Latest release: about 2 months ago - 1 dependent repositories - 0 stars on GitHub
grolston/guard-action 1.0
Guard ShiftLeft1 version - Latest release: almost 2 years ago - 1 dependent repositories - 2 stars on GitHub
hahwul/authz0 v1.1.2 💰
Unauthorized access can be identified based on URLs and Roles & Credentials.5 versions - Latest release: about 2 years ago - 335 stars on GitHub
Top 7.0% on github actions
14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
hahwul/deadfinder 1.3.4 💰
Find dead-links (broken links)14 versions - Latest release: 4 months ago - 2 dependent repositories - 89 stars on GitHub
hahwul/mzap v1.3.1 💰
Multiple target ZAP Scanning10 versions - Latest release: 8 months ago - 92 stars on GitHub
hahwul/zest-env v1.1.4 💰
Zest CLI in Github action7 versions - Latest release: 9 days ago - 8 stars on GitHub
hashicorp/setup-signore v2.1.0
setup-signore downloads, installs, and configures the signore signing service client9 versions - Latest release: 12 months ago - 9 dependent repositories - 0 stars on GitHub
Top 6.7% on github actions
3 versions - Latest release: 5 months ago - 21 dependent repositories - 17 stars on GitHub
HCL-TECH-SOFTWARE/appscan-codesweep-action v2.1
Scan for security issues in code3 versions - Latest release: 5 months ago - 21 dependent repositories - 17 stars on GitHub
HCL-TECH-SOFTWARE/appscan-dast-action v1.0.5
Scan for security issues in web applications6 versions - Latest release: about 1 year ago - 4 dependent repositories - 1 stars on GitHub
HCL-TECH-SOFTWARE/appscan-sast-action v1.0.4
Scan for security issues in code5 versions - Latest release: about 1 month ago - 7 dependent repositories - 3 stars on GitHub
hoeg/semgrep-report v1.0.2
Report Semgrep findimgs to PRs with suggested changes5 versions - Latest release: 11 months ago - 0 stars on GitHub
InstaCode/lockdown v1.0.0
Restrict build runs to specific users.3 versions - Latest release: about 4 years ago - 0 stars on GitHub
Top 7.2% on github actions
20 versions - Latest release: 3 months ago - 74 dependent repositories - 12 stars on GitHub
jbergstroem/hadolint-gh-action v1.12.2
A stable, well-tested, highly configurable way of checking your Dockerfile(s) with Hadolint20 versions - Latest release: 3 months ago - 74 dependent repositories - 12 stars on GitHub
jetstack/paranoia v0.2.1
Validate the presence or absence of certificate authorities in your container image.6 versions - Latest release: over 1 year ago - 195 stars on GitHub
jhutchings1/spdx-to-dependency-graph-action v0.0.2 removed
Upload SPDX SBOM files to the dependency graph's dependency submission API2 versions - Latest release: over 1 year ago - 6 dependent repositories - 10 stars on GitHub
JosiahSiegel/runleaks v1.0.1
Identify potential leaks in GitHub action logs5 versions - Latest release: about 1 year ago - 0 stars on GitHub
Top 5.0% on github actions
10 versions - Latest release: 2 months ago - 84 dependent repositories - 12 stars on GitHub
jpetrucciani/bandit-check 1.7.8 💰
GitHub action to lint your python code with bandit10 versions - Latest release: 2 months ago - 84 dependent repositories - 12 stars on GitHub
kahu-app/github-action v0.3.1
Dependency security check8 versions - Latest release: 10 months ago - 0 stars on GitHub
kattecon/gh-app-access-token-gen v1.0.0
Generates a GitHub Access Token for a Github App based upon specific inputs.2 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
kitabisa/gokart-action v1.0.0
Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form...1 version - Latest release: over 2 years ago - 1 dependent repositories - 9 stars on GitHub
Top 2.5% on github actions
11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
kitabisa/sonarqube-action v1.2.1
Scan your code with SonarQube Scanner to detect bugs, vulnerabilities and code smells in more tha...11 versions - Latest release: 8 months ago - 59 dependent repositories - 122 stars on GitHub
kubeshop/monokle-action v0.3.2
Monokle Action analyzes your Kubernetes resources to quickly find misconfigurations.8 versions - Latest release: 6 months ago - 1 dependent repositories - 3 stars on GitHub
Top 4.2% on github actions
8 versions - Latest release: about 4 years ago - 15 dependent repositories - 51 stars on GitHub
lazy-actions/gitrivy v2.0.0
Scan docker image vulnerability using Trivy and create GitHub Issue8 versions - Latest release: about 4 years ago - 15 dependent repositories - 51 stars on GitHub
Top 6.6% on github actions
30 versions - Latest release: 5 months ago - 1 dependent repositories - 710 stars on GitHub
Legit-Labs/legitify v1.0.7
Legitify GitHub Action30 versions - Latest release: 5 months ago - 1 dependent repositories - 710 stars on GitHub
Top 2.8% on github actions
48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
lirantal/is-website-vulnerable 1.15.10
Scans a url for public javascript library vulnerabilities48 versions - Latest release: about 4 years ago - 14 dependent repositories - 1,857 stars on GitHub
lnavarrocarter/actions-rules-repository 1.1.4
Add rules repository labels to issues and pull requests.7 versions - Latest release: about 1 year ago - 1 dependent repositories - 1 stars on GitHub
magmanu/github-workflow-security-scanner v0.1.0 removed
A GitHub Action that performs static analysis on your workflows1 version - Latest release: about 1 year ago - 0 stars on GitHub
malice-labs/fork-sentry 1.0 removed
Detect and alert on suspicious forks of your repository1 version - Latest release: over 2 years ago - 2 stars on GitHub
marcuslindblom/security-headers v1.2.0 removed 💰
Quickly and easily assess the security of your HTTP response headers4 versions - Latest release: almost 3 years ago - 1 dependent repositories - 8 stars on GitHub
martins-vds/export-secrets-action v1
Export secrets to CSV file.1 version - Latest release: 12 months ago - 1 dependent repositories - 0 stars on GitHub
Top 2.7% on github actions
12 versions - Latest release: 6 months ago - 42 dependent repositories - 80 stars on GitHub
microsoft/security-devops-action v1.10.0
Run security analyzers.12 versions - Latest release: 6 months ago - 42 dependent repositories - 80 stars on GitHub
mnavarrocarter/authorize-aws-security-group-ingress-action v1.1.0
Creates a inbound rule in an AWS Security Group and deletes it when the job finishes2 versions - Latest release: about 2 months ago - 6 stars on GitHub
ncino/quack-scan latest removed
Run static code dependency scan using Black Duck Synopsys scan for NPM and PIP using Synopsys 6.0.7 versions - Latest release: about 3 years ago - 2 stars on GitHub
Top 9.9% on github actions
4 versions - Latest release: 7 months ago - 10 dependent repositories - 27 stars on GitHub
Nekmo/pip-rating v0.2.2
Run pip-rating on the project to get the requirements rating based on criteria like freshness, po...4 versions - Latest release: 7 months ago - 10 dependent repositories - 27 stars on GitHub
NeuraLegion/run-scan v1
Run a Nexploit scan right in GitHub Action3 versions - Latest release: about 4 years ago - 26 dependent repositories - 2 stars on GitHub
NeuraLegion/stop-scan v1
Stops Nexploit Scan1 version - Latest release: about 4 years ago - 0 stars on GitHub
NeuraLegion/wait-for v1
Run a Nexploit scan right in GitHub Action1 version - Latest release: about 4 years ago - 0 stars on GitHub
Related Keywords
github-actions
75
devsecops
29
security-tools
27
actions
25
static-analysis
20
security-automation
20
action
17
continuous-integration
14
github-action
12
ci
12
hacktoberfest
12
python
11
security-audit
11
scanning
9
sast
9
security-scanner
9
devops
9
github
8
secrets
8
compliance
8
aws
8
cicd
8
vulnerability-detection
7
lint
7
vulnerability
7
docker
7
scan
6
deployment
5
linter
5
testing
5
analysis
5
container
5
kubernetes
5
vulnerability-scanners
5
vulnerabilities
5
workflow
5
code-quality
5
dast
5
golang
5
vulnerability-scanner
4
secret-management
4
static-code-analysis
4
security-testing
4
terraform
4
security-vulnerability
4
containers
4
deployment-automation
4
sarif-report
4
automation
4
code-scanning
4
software-composition-analysis
4
appsec
4
marketplace
3
rails
3
appscan
3
test
3
supply-chain-security
3
dynamic-analysis
3
checkmarx
3
iam
3
sbom
3
sca
3
dependabot
3
cve
3
dependency
3
code-review
3
ruby
3
php
3
azure
3
scanner
3
supply-chain
3
review
3
rust
2
nvd
2
rating
2
pip
2
trivy
2
owasp
2
nodejs
2
dependencies
2
docker-image
2
rustsec
2
flake8
2
ssh
2
secrets-manager
2
secrets-management
2
rust-lang
2
broken-links
2
bugbounty
2
secrets-detection
2
cloudformation
2
deployment-pipeline
2
compliance-as-code
2
codeql
2
auditor
2
audit
2
bill-of-materials
2
automation-testing
2
google-cloud-platform
2
authentication
2